Access mozilla firefox certificate store to HCERTSTORE

Question

Need to add custom certificate "MycustomCert.pem" trusted list in Mozilla Firefox certificate store. How can I modify the trusted Certificate list in Mozilla Certificate store ?

Sample code of getting windows ROOT certificate store. Instead of root need to get the access of Mozilla Certificate to HCERTSTORE data structure

int main()
{
    HCERTSTORE hRootStore;   

    hRootStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_STORE_OPEN_EXISTING_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE, L"ROOT");
    if (!hRootStore)
        return 1;  

    CertCloseStore(hRootStore, 0); 
    return 0;
}

give alternative methods are other than using certutils.exe

Chrome uses the system's certificate store. Firefox and Opera have their own certificate store. Firefox uses NSS, not OpenSSL. I doubt you will be able to use the Windows' APIs to access or modify Mozilla's certificate store (but I don't know for certain). — jww, Mar 02 '17 at 21:05

score 0 · Accepted Answer · answered Mar 15 '17 at 06:35

I have faced the issue and I have created a batch file for adding certificate to mozilla store,

set certificateFile=Ourcert.pem
set certificateName=UurCertName
Set FFProfdir=%Appdata%\mozilla\firefox\profiles
DIR %FFProfDir% /A:D /B > "%Temp%\FFProfile.txt" 
FOR /F "tokens=*" %%i in (%Temp%\FFProfile.txt) do ( call :Foo %%i  
) 
pause

:Foo
set cetDbLoc=%FFProfdir%\%1
C:\nss3.13.5nspr4.9.1x86\bin\certutil -A -n %certificateName% -t "TCu,Cuw,Tuw" -i %certificateFile% -d %cetDbLoc%
:End

You have to download the nss tools from mozilla and use the certutil inside the nss tools not the windows default certutil

is there any way to access this within c++? – Opa114 Mar 06 '19 at 15:53 — Opa114, Mar 06 '19 at 15:53

Access mozilla firefox certificate store to HCERTSTORE

1 Answers1